TCP/IP Essentials: A Lab-Based Approach
Shivendra Panwar, Shiwen Mao, Jeong-dong Ryoo, and Yihan Li
Chapter 8: The Web, DHCP, NTP and NAT
Panwar, Mao, Ryoo, Li: TCP/IP Essentials 2
World Wide Web (WWW)
- The first WWW browser was written by Tim Berners-Lee in 1990.
- The popularity of the WWW resulted in the exponential growth of the Internet.
- In the WWW, information is typically provided as HyperText Markup Language (HTML) files (web pages).
- WWW resources are specified by Uniform Resource Locators (URLs).
URL
- A standard scheme for compactly identifying any document on any Web server
- Components:
  - A protocol name: http, rtp, rtsp
  - ://
  - A server domain name or server IP address
  - A path to a resource (an HTML file or a CGI script)

Example: http://[email protected]:999/ee-dept/event.html
The labelled parts of the example URL are:
  - Service type: http, telnet, ftp, gopher, ...
  - System name
  - Port number: specified if a non-default port is used
  - Path name
  - File name
HyperText Transfer Protocol (HTTP)
- Application layer protocol
- Distributes information in the WWW
- Based on the client/server architecture
  - HTTP client (web browser): sends a request to a server for a file
  - HTTP server (web server): well-known port number 80; responds with the requested file if it is available
  - A single TCP connection is used

[Figure: web browser and web server, each with an HTTP / TCP / IP / Network stack; the browser sends a request and the server returns a response.]
HTTP Messages
- Text-based (English keywords) and flexible, rather than binary-coded like the lower layer protocols
- Components of an HTTP message:
  - A start-line
  - Optional headers, each with a header name and a value
  - A blank line (a "\r\n" only)
  - The requested file or other data, in an HTTP response
HTTP Request Message
- Request line:
  - Request type
  - URL
  - HTTP version
- Optional headers:
  - Header name
  - Value
- A blank line

The request type defines the method of the message:
  - GET, HEAD: retrieve a full document, or some information about a document, from the server
  - PUT, PATCH: provide a new/replacement document, or a list of differences to apply to an existing document, to the server
  - COPY, MOVE, DELETE: copy, move, or delete a document
  - ...
HTTP Response Message
- Status line:
  - HTTP version
  - Status code
  - Status phrase
- Optional headers:
  - Header name
  - Value
- A blank line
- Data body

  - The status code is a 3-digit code, similar to those in the FTP and SMTP protocols
  - The status phrase explains the status code, such as continue, switching, OK, accepted, no content, multiple choices, bad request, unauthorized, forbidden, not found, internal server error, service unavailable, ...
HTTP TCP Connections
- The client first establishes a TCP connection to the server before sending an HTTP request
- The server may terminate the TCP connection after the HTTP response is sent
- For embedded objects in an HTML file:
  - The client sends a request for each embedded object
  - In HTTP/1.0, the client establishes a TCP connection for each request, which is not efficient for a file with many embedded objects
  - In HTTP/1.1, persistent connections are supported
    - All embedded objects are sent through the TCP connection established for the first request
    - Both the client and the server have to enable the persistent connection feature
HTTP Requests & Responses
- HTTP has four stages: Open, Request, Response, Close
- A TCP session for HTTP/1.0 does not stay open to wait for multiple requests/responses, which is not efficient when an HTML file has many embedded objects such as pictures
- HTTP/1.1 supports persistent connections, which allow all the embedded objects to be sent through the same TCP connection

[Figure: the four stages between web browser and web server (each with an HTTP / TCP / IP / Network stack): open / opened, request / response, close / closed.]
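The following Python, an added example rather than code from the book, splits an HTTP message into the parts listed on the preceding slides (start-line, headers, blank line, body) and decides from the version and the Connection header whether the TCP connection stays open for the next request, which is the HTTP/1.0 versus HTTP/1.1 difference above. The request and response are constructed: the host www.example.com:999 is made up, the path is the one from the URL slide.

```python
def parse_http_message(raw):
    """Split an HTTP message into (start_line, headers, body); ValueError if malformed."""
    head, sep, body = raw.partition(b"\r\n\r\n")     # the blank line ends the headers
    if not sep:
        raise ValueError("no blank line terminating the headers")
    lines = head.split(b"\r\n")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not name.strip():
            raise ValueError("malformed header line: %r" % line)
        # Header names are case-insensitive, so normalise them to lower case.
        headers[name.strip().decode("ascii").lower()] = value.strip().decode("latin-1")
    if "content-length" in headers:                   # body is exactly Content-Length bytes
        length = int(headers["content-length"])
        if len(body) < length:
            raise ValueError("body shorter than Content-Length")
        body = body[:length]
    return lines[0].decode("ascii"), headers, body

def parse_request_line(start_line):
    """Request line = request type (method), URL, HTTP version."""
    parts = start_line.split(" ")
    if len(parts) != 3:
        raise ValueError("request line must have exactly three parts")
    return tuple(parts)

def parse_status_line(start_line):
    """Status line = HTTP version, 3-digit status code, status phrase."""
    version, code, phrase = start_line.split(" ", 2)
    if not (len(code) == 3 and code.isdigit()):
        raise ValueError("status code must be three digits")
    return version, int(code), phrase

def connection_persists(version, headers):
    """HTTP/1.1 keeps the TCP connection open unless 'Connection: close' is sent;
    HTTP/1.0 closes it unless 'Connection: keep-alive' was negotiated."""
    token = headers.get("connection", "").lower()
    return token != "close" if version == "HTTP/1.1" else token == "keep-alive"

# Constructed sample exchange; www.example.com:999 is a made-up endpoint.
REQUEST = (b"GET /ee-dept/event.html HTTP/1.1\r\nHost: www.example.com:999\r\n"
           b"Connection: close\r\n\r\n")
RESPONSE = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: 28\r\n\r\n"
            b"<html><body>ok</body></html>")
```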
HTTP Proxies
- A proxy server acts as both a client and a server
  - It receives the client's initial requests, translates them, and passes the requests on to other servers
- Proxies can be used with firewalls to block undesired traffic
- The cache feature of a Web proxy server reduces network traffic by saving recently viewed pages on the disk drive

[Figure: web browser, proxy (with cache) and web server, each with an HTTP / TCP / IP / Network stack; request/response pairs are exchanged between browser and proxy and between proxy and server.]
Common Gateway Interface (CGI)
- CGI is a technology that creates and handles dynamic documents
- Dynamic web pages provide two-way communication between web clients and servers: on-line opinion polls, e-commerce
- CGI uses two files:
  - An HTML form, for a user to input data
  - A CGI script, which processes the user input data and generates a response dynamically
- Any program that can read input from the standard input (STDIN) and write output to the standard output (STDOUT) can be used as a CGI script
CGI Operations
- A user downloads the HTML form (consisting of text inputs, checklists, and buttons), inputs data, and submits the data
- The web server invokes the CGI script
- The web server returns the CGI response to the client

[Figure: client/server exchange in three steps: (1) HTML form for user input data; (2) CGI script is invoked to generate a response based on the input data; (3) response created by CGI.]
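As an added example that is not part of the book, the following Python CGI script reads the submitted form from STDIN (for a POST) or from QUERY_STRING (for a GET), as the slides describe, and writes the dynamically generated response to STDOUT. The constructed sample submission and the form field name "vote" are assumptions; the point worth noting is that the echoed input is HTML-escaped, so a submitted value containing markup is displayed as text rather than interpreted by the browser.

```python
import html
import io
import os
import sys
from urllib.parse import parse_qs

def handle_form(environ, stdin):
    """Turn one submitted form into a complete CGI response (headers, blank line, body).

    The web server passes request metadata in environment variables and a POST
    body on STDIN; whatever this function returns goes to STDOUT as the reply."""
    if environ.get("REQUEST_METHOD") == "POST":
        try:
            length = int(environ.get("CONTENT_LENGTH") or 0)
        except ValueError:
            length = 0
        # Read only what CONTENT_LENGTH announces, capped so a bogus value cannot
        # make the script buffer an unbounded body.
        raw = stdin.read(min(max(length, 0), 65536)).decode("utf-8", "replace")
    else:                                               # GET: data rides in the URL
        raw = environ.get("QUERY_STRING", "")
    fields = parse_qs(raw, keep_blank_values=True)
    vote = fields.get("vote", ["(none)"])[0]
    # Escape user input before echoing it, so markup in a submitted value is
    # rendered as text instead of being interpreted by the browser.
    body = "<html><body><p>You voted: %s</p></body></html>\n" % html.escape(vote)
    return "Content-Type: text/html; charset=utf-8\r\n\r\n" + body

# Constructed sample submission: a POSTed form whose 'vote' value contains markup.
SAMPLE_ENV = {"REQUEST_METHOD": "POST", "CONTENT_LENGTH": "25",
              "CONTENT_TYPE": "application/x-www-form-urlencoded"}
SAMPLE_BODY = b"vote=%3Cb%3Eyes%3C%2Fb%3E"          # vote=<b>yes</b>, URL-encoded

def run_sample():
    """Feed the constructed submission through the handler and return the CGI output."""
    return handle_form(SAMPLE_ENV, io.BytesIO(SAMPLE_BODY))

if __name__ == "__main__":
    # Invoked by the web server as a real CGI script: environment from the
    # server, request body on STDIN, response written to STDOUT.
    sys.stdout.write(handle_form(os.environ, sys.stdin.buffer))
```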
Apache Web Server
- The Apache server is the most popular web server on the Internet, according to the web server survey from Netcraft.
- The Apache server is open source software.
- Apache is a process-based web server
  - Stable: other child processes are not affected when one child process crashes
  - Scalable: allows more client requests to be processed simultaneously
DHCP
- The Dynamic Host Configuration Protocol (DHCP) is designed to dynamically configure TCP/IP hosts in a centralized manner from a DHCP server.
- The DHCP server maintains a collection of configuration parameters, such as IP addresses, the subnet mask, and the default gateway IP address, needed to make a configured host work in the network.
- A DHCP client queries the server for the configuration parameters.
- The DHCP server returns the configuration parameters to the client.
DHCP
- DHCP can provide persistent storage of network parameters for the clients
  - A client can be assigned the same set of parameters whenever it bootstraps or is moved to another subnet
  - The DHCP server keeps a key-value entry for each client and uses the entries to match queries from the clients
  - The entry could be a combination of a subnet address and the MAC address (or domain name) of a client
- DHCP can also assign configuration parameters dynamically
  - The DHCP server maintains a pool of parameters and assigns an unused set of parameters to a querying client
  - A DHCP client leases an IP address for a period of time. When the lease expires, the client may renew the lease, or the IP address is put back into the pool for future assignments
DHCP Operations
- When two DHCP servers are used:
  - A client first broadcasts a DHCPDISCOVER message on its local physical network during bootstrapping.
  - The message may be forwarded by relay agents to servers in other physical networks.
  - Each server may respond with a DHCPOFFER message with an available network address in the Your IP Address field.
  - The client may receive more than one DHCPOFFER message.
    - It chooses one server from all responding servers based on the configuration parameters offered.
    - The client then broadcasts a DHCPREQUEST message with the Server Identifier option to indicate the selected server.
  - When the DHCPREQUEST message is received, only the chosen server responds with a DHCPACK message carrying a full set of configuration parameters to the client.
    - When the client receives it, it checks the parameters and configures its TCP/IP modules using them.
    - The message specifies the duration of the lease. When the lease expires, the client may ask the server to renew it. Otherwise, the address is put back in the pool or assigned to other hosts.
  - The client may send a DHCPRELEASE message to the server to relinquish the lease on the network address.
DHCP Message Fields
- Opcode
  - 1 means a boot request from the client
  - 2 means a boot reply from the server
- Hardware address type
  - The values are defined in the "Assigned Numbers" RFC
  - The value is 1 for an Ethernet MAC address
- Hardware address length
  - The length of the hardware address
- Hop count
  - Optionally used by relay agents
  - A relay agent is a host or router that forwards DHCP messages between DHCP clients and servers
DHCP Message Fields
- Transaction ID
  - Randomly assigned, to link requests and replies between a client and a server
- Number of seconds
  - Elapsed time in seconds since the client began an address acquisition or renewal process
- Flags
  - Broadcast flag, the leftmost bit; used when a client cannot receive a unicast IP datagram before its interface is configured
  - The remaining 15 bits must be 0 (reserved for future use)
DHCP Message Fields
- Client IP address
  - Used when the client is in the BOUND, RENEW, or REBINDING state and can respond to ARP requests
- Your IP address
  - The client's IP address, assigned by the DHCP server
- Server IP address
  - The IP address of the next server to use in the bootstrap
- Relay agent IP address
  - Used when booting via a relay agent
DHCP Message Fields
- Client hardware address
  - The hardware address of the client
  - For an Ethernet address, the first 6 bytes are filled and the remaining bytes are set to 0
- Server hostname
  - Hostname of the DHCP server
- Boot filename
  - Used in a DHCPOFFER message to specify the fully qualified, null-terminated path name of a file to bootstrap from
- Options
  - Optional vendor-specific field
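The field list above maps directly onto the wire format. As an added example (not from the book), this Python builds and parses DHCP messages with those fields plus the options area, checking the hardware address length and every option length against the packet so that a malformed message is rejected rather than misread. The client MAC, the transaction ID, the offered address 10.0.0.5 and the server address 10.0.0.1 are constructed values.

```python
import socket
import struct
# Fixed-format part of a DHCP message (RFC 2131), 236 bytes: op, htype, hlen, hops,
# xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128).
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC_COOKIE = bytes.fromhex("63825363")   # introduces the options field (RFC 2132)
BROADCAST_FLAG = 0x8000                     # leftmost bit of the 16-bit Flags field
MSG_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK", 7: "DHCPRELEASE"}
def build_message(op, msg_type, mac, xid, yiaddr="0.0.0.0", broadcast=False, extra=b""):
    """Assemble a message; op=1 for client requests, op=2 for server replies."""
    zero4 = b"\0" * 4
    header = HEADER.pack(op, 1, len(mac), 0, xid, 0, BROADCAST_FLAG if broadcast else 0,
                         zero4, socket.inet_aton(yiaddr), zero4, zero4,
                         mac.ljust(16, b"\0"),        # Ethernet: 6 bytes used, rest zero
                         b"\0" * 64, b"\0" * 128)
    # Options: 53 (DHCP Message Type) first, then any extras, then 0xff to end the list.
    return header + MAGIC_COOKIE + bytes([53, 1, msg_type]) + extra + b"\xff"
def parse_message(pkt):
    """Decode the fixed fields and options, rejecting truncated or malformed input."""
    if len(pkt) < HEADER.size + 4 or pkt[HEADER.size:HEADER.size + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (too short or no magic cookie)")
    f = HEADER.unpack_from(pkt)
    if f[2] > 16:                                        # hlen must fit the chaddr field
        raise ValueError("hlen %d exceeds the 16-byte chaddr field" % f[2])
    msg = {"op": f[0], "htype": f[1], "hlen": f[2], "hops": f[3], "xid": f[4],
           "secs": f[5], "broadcast": bool(f[6] & BROADCAST_FLAG),
           "ciaddr": socket.inet_ntoa(f[7]), "yiaddr": socket.inet_ntoa(f[8]),
           "siaddr": socket.inet_ntoa(f[9]), "giaddr": socket.inet_ntoa(f[10]),
           "chaddr": f[11][:f[2]].hex(":"),
           "sname": f[12].split(b"\0", 1)[0].decode("ascii", "replace"),
           "file": f[13].split(b"\0", 1)[0].decode("ascii", "replace"), "options": {}}
    i = HEADER.size + 4
    while i < len(pkt) and pkt[i] != 0xff:               # 0xff = End option
        if pkt[i] == 0:                                   # 0 = one-byte Pad option
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option at offset %d" % i)
        msg["options"][pkt[i]] = pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + pkt[i + 1]
    mtype = msg["options"].get(53)
    msg["type"] = MSG_TYPES.get(mtype[0], "unknown") if mtype else "unknown"
    return msg

# Constructed exchange: the client's broadcast DISCOVER, then the server's OFFER of the
# made-up address 10.0.0.5 carrying its own address in option 54 (Server Identifier).
CLIENT_MAC = bytes.fromhex("001122334455")
discover = parse_message(build_message(1, 1, CLIENT_MAC, 0x3903F326, broadcast=True))
offer = parse_message(build_message(2, 2, CLIENT_MAC, 0x3903F326, yiaddr="10.0.0.5",
                                    extra=bytes([54, 4]) + socket.inet_aton("10.0.0.1")))
```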
DHCP Configuration
- An example of a DHCP server configuration file
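As an added example that is not the book's listing, the following ISC DHCP server (dhcpd.conf) fragment shows the two assignment styles from the DHCP slides: a dynamic pool with lease times, and a persistent entry keyed by a client's MAC address. All addresses, lease times, the MAC address and the host name are made up.

```conf
# Added example (not the book's listing): ISC DHCP server configuration with one
# dynamic pool and one fixed, MAC-keyed assignment. All values are made up.
default-lease-time 600;          # seconds a lease lasts if the client asks for no length
max-lease-time 7200;             # longest lease the server will grant
authoritative;                   # this server owns the subnet and may reject stale client state

subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.100 10.0.0.200;               # the pool handed out dynamically
  option routers 10.0.0.1;                   # default gateway
  option subnet-mask 255.255.255.0;
  option domain-name-servers 10.0.0.1;
}

# Persistent assignment: the entry is keyed by the client's MAC address, so this
# host receives the same parameters every time it bootstraps.
host lab-host-2 {
  hardware ethernet 00:11:22:33:44:55;       # made-up MAC address
  fixed-address 10.0.0.2;
}
```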
Network Time Protocol (NTP)
- Accurate timing is important in network design, management, security, and diagnosis.
- NTP is an application layer protocol, using UDP or TCP port 123, used to
  - Provide accurate timing in the network
  - Synchronize routers, hosts, and other network devices
NTP Timing Service
- The NTP timing service uses a hierarchical architecture organized into 16 strata
  - An NTP primary server, or stratum-1 server, is synchronized with a high-precision clock
  - About 175,000 hosts run NTP in the Internet, with over 300 valid stratum-1 servers
  - Each server chooses one or more higher stratum servers and synchronizes with them
NTP Operation Modes
- Clients and servers can operate in multicast or broadcast mode.
  - Timing information is broadcast or multicast by the servers.
  - A client can also proactively poll the servers for timing information.
- An NTP client synchronizes with a server in two ways:
  - Query time information from a remote NTP server and synchronize to it
  - Synchronize with a remote server continuously and automatically
Network Address Translator
- Maps one set of IP addresses (usually private) to another set of IP addresses (usually public).
- Used for:
  - Security: the internal network is invisible to the outside
  - IP address reuse: share a small pool of IP addresses among a large number of hosts
How It Works
- Two networks:
  - Global network / external network: the Internet
  - Private network / internal network
- Two sets of IP addresses:
  - Public Internet addresses: assigned by IANA
  - Private addresses: 10/8, 172.16/12, and 192.168/16 are recommended for use
- Stub routers:
  - Perform the mapping/translation between the two sets of addresses
  - ICMP message payloads are also translated
- Two types of assignment:
  - Static address assignment: static mapping of public/private addresses
  - Dynamic address assignment: the mapping is dynamic, made on request and chosen from the available address pool
Three-Step Operation
- Address binding:
  - A private node's IP address is associated with an external address.
  - The router maintains a table recording the associations.
- Address lookup and translation:
  - Outgoing packets: the source IP address is changed to the corresponding external address
  - Incoming packets: the destination IP address is changed to the corresponding private address
- Address unbinding:
  - When the session is over, the entry is removed from the table and the external address is released for other connections to use
NAT: An Example

[Figure: a private network with hosts 10.0.0.2, 10.0.0.3, ..., 10.0.0.10 behind a NAT-enabled stub router whose internal address is 10.0.0.1. The router's address pool holds the public addresses 128.238.4.12 and 128.238.4.13. The association table maps public address 128.238.4.12 to private address 10.0.0.2, so a packet leaving with src IP 10.0.0.2 is forwarded with src IP 128.238.4.12.]
Port Address Translation
- Port Address Translation (PAT) extends the notion of translation one step further by also translating transport identifiers (e.g., TCP and UDP port numbers, ICMP query identifiers).
- PAT allows a set of hosts to share a single external address.
- Note that PAT can be combined with Basic NAT so that a pool of external addresses is used in conjunction with port translation.
How PAT Works
- The association table maintains the mapping of IP address, port number, and ICMP query ID
- Outbound packets: translate the source IP address, the source port number or ICMP query ID, and related fields such as the IP, TCP, UDP and ICMP header checksums.
- Inbound packets: the destination IP address, the destination transport identifier, and the IP and transport header checksums are translated.
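An added example, not from the book: a small Python model of the stub router's association table for PAT over a pool of external addresses, covering the three-step operation from the earlier slides (binding, lookup and translation in both directions, unbinding) together with the port and ICMP-ID translation described here. The private hosts and the address pool are those of the NAT example slide; the outside server 203.0.113.9 and the port numbers are made up, and header checksum recomputation is not modelled.

```python
class PatRouter:
    """Association table of a NAT/PAT stub router (a constructed model, not a real stack).
    A transport identifier is a TCP/UDP port number or an ICMP query ID."""

    def __init__(self, external_pool, first_id=1024):
        self.pool = list(external_pool)   # public addresses shared by the internal hosts
        self.next_id = first_id           # next unused external transport identifier
        self.out_table = {}               # (proto, priv_ip, priv_id) -> (pub_ip, pub_id)
        self.in_table = {}                # (proto, pub_ip, pub_id)  -> (priv_ip, priv_id)

    def bind(self, proto, priv_ip, priv_id):
        """Address binding: create (or reuse) the association for an internal flow."""
        key = (proto, priv_ip, priv_id)
        if key not in self.out_table:
            if self.next_id > 65535:
                raise RuntimeError("external transport identifiers exhausted")
            pub = (self.pool[len(self.out_table) % len(self.pool)], self.next_id)
            self.next_id += 1
            self.out_table[key] = pub
            self.in_table[(proto,) + pub] = (priv_ip, priv_id)
        return self.out_table[key]

    def outbound(self, pkt):
        """Rewrite source IP and transport identifier of a packet leaving the private side."""
        pub_ip, pub_id = self.bind(pkt["proto"], pkt["src"], pkt["src_id"])
        return {**pkt, "src": pub_ip, "src_id": pub_id}

    def inbound(self, pkt):
        """Rewrite destination fields of a packet arriving from outside. With no matching
        binding the packet is dropped (None): outsiders reach only sessions the inside opened."""
        match = self.in_table.get((pkt["proto"], pkt["dst"], pkt["dst_id"]))
        if match is None:
            return None
        return {**pkt, "dst": match[0], "dst_id": match[1]}

    def unbind(self, proto, priv_ip, priv_id):
        """Address unbinding: remove the entry once the session is over."""
        pub = self.out_table.pop((proto, priv_ip, priv_id), None)
        if pub is not None:
            del self.in_table[(proto,) + pub]
        return pub is not None

# Constructed traffic: two hosts of the slide's private network both use source port 40000
# towards a made-up outside server 203.0.113.9; the external pool is the slide's.
nat = PatRouter(["128.238.4.12", "128.238.4.13"])
OUT_A = nat.outbound({"proto": "tcp", "src": "10.0.0.2", "src_id": 40000, "dst": "203.0.113.9", "dst_id": 80})
OUT_B = nat.outbound({"proto": "tcp", "src": "10.0.0.3", "src_id": 40000, "dst": "203.0.113.9", "dst_id": 80})
```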
Other Issues for NAT
- All ICMP error messages (with the exception of the Redirect message type) need to be modified when passed through NAT:
  - Destination Unreachable
  - Source Quench
  - Time Exceeded
  - Parameter Problem
- The original IP packet embedded in the payload of the ICMP error message is changed:
  - IP address and port numbers
  - Checksums
Other Issues for NAT (II)
- Security benefits:
  - Restricts outside sessions' access to internal hosts
  - Can be used in conjunction with a firewall to filter unwanted traffic
- May not support security techniques that depend on IP addresses
- Computation intensive:
  - Search the headers, table lookup, change the headers, checksum computation, ...
  - The stub router becomes the performance bottleneck
Other Issues for NAT (III)
- Does not support applications with IP-address content: e.g., SNMP
- Does not support applications with interdependent control and data sessions: e.g., H.323, RTP
- FTP: the client uses the PORT command in the control TCP connection to identify the IP address and port number for the data connection
- Solution: special Application Level Gateways (ALGs) are needed
Socket Programming in a Nutshell
- Most applications are implemented using the socket Application Programming Interface (API).
- TCP/IP protocols are implemented in the system kernel.
- User applications can use the TCP/IP service through the socket API.
Socket Programming for Applications
- Each participating process in the application should create a socket, containing the IP address and a unique port number.
- The application process can use the socket functions for sending or receiving data.
- Three types of sockets for applications to use:
  - TCP sockets, used to create a TCP connection
  - UDP sockets, used to provide the datagram service
  - Raw sockets, for applications to bypass the transport layer protocols and use the IP datagram service directly
- The client-server architecture is used in socket programming.